Per Erik Strandberg /cv /kurser /blog

Summary and Goal

This tutorial brings Plone Folderish Content Types And References to another level. Here we will try to make a simple folder type that might contain another really simple type accessible to anyone logged in to our site. Sounds easy but when starting this tutorial I have no idea of where to start.

The content types

The starting material (available here: [1] - also see the corrected version here: [2]) contains four extremely stripped files. The classes for the content types are more or less just copies of the base folder and base content:

class SimpleFolder(BaseFolder):
    "A folder to put simple things in."
    allowed_content_types = ('SimpleThing', )
    filter_content_types = 1
    _at_rename_after_creation = True

registerType(SimpleFolder, PROJECTNAME)

class SimpleThing(BaseContent):
    """An Archetype for simple things (only allowed in simple folders)"""
    _at_rename_after_creation = True
    global_allow = 0

registerType(SimpleThing, PROJECTNAME)

As you can see there is nothing in there really, just a base folder and a base class.

Defining the problem

When I create some content I typically do it as Admin, but I want a regular plain vanilla user to be able to add stuff as well. As you can see this is not initially trivial (when writing this I do not know how to - but I expect to know soon [:)]-|--< ).

First we can see that the user Admin (that created to SimpleFolder) has the right to add a Simple Thing.

Moving now to the sharing tab I want all logged in users to be able to add contents to this folder - so I enable as indicated by this image.

The problem now is that my plain vanilla plone user called per is now allowed to add stuff to this folder.

The solution

The problem might have been in the file.

# ...
from Products.CMFCore.permissions import AddPortalContent

# ...

def initialize(context):
    # ...
    for atype, constructor in allTypes:
        kind = "%s: %s" % (PROJECTNAME, atype.portal_type)
        utils.ContentInit(# ...
                          permission         = AddPortalContent,
                          # ...

I had not told Plone/Zope to use the default permissions-set so no permissions were used. That is a serious validation of Convention Over Configuration - especially since it is passed into the content initializer as an optional parameter :(

Anyway, this is what it looks like for the plain vanilla user now:

This corrected version can be downloaded here: [3]

This page belongs in Kategori Programmering.
This page belongs in Plone Cms